Itwanger Paicoding Information Disclosure Vulnerability in Browsing History Handler

Vulnerability

An information disclosure vulnerability has been identified in Itwanger Paicoding version 1.0.3. The issue is in the Browsing History Handler component and is reached through the '/user/home?userId=1&homeSelectType=read' request. It allows unauthorized reading of users' browsing histories, which are not intended to be accessible, thereby threatening user privacy. The issue can be exploited remotely.

Impact

Exploitation of this vulnerability allows for the unauthorized access and disclosure of users' browsing histories, posing a significant risk to user privacy.

Reproduction

To reproduce this vulnerability, access the '/user/home?userId=1&homeSelectType=read' interface. This will directly retrieve the browsing history of other users, which is not visible by design, highlighting a logical flaw in the application's privacy controls.
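
The flaw described above amounts to a missing ownership check: the 'read' tab is returned for whatever userId the request names. The Java below is an added example, not Paicoding's own code, showing that flawed shape beside a corrected one. All class, method and field names and the sample data are hypothetical; only the 'read' value of homeSelectType comes from the advisory.

```java
import java.util.List;
import java.util.Map;
import java.util.Optional;

// Added illustration; names are hypothetical and not taken from Paicoding.
public class HomeTabAccess {

    // Tabs whose content is private to the account owner. "read" is the
    // homeSelectType value named in the advisory (browsing history).
    static final List<String> OWNER_ONLY_TABS = List.of("read");

    // Constructed sample data: userId -> browsing history.
    static final Map<Long, List<String>> HISTORY = Map.of(
            1L, List.of("article-17", "article-42"),
            2L, List.of("article-5"));

    // Flawed shape: trusts the userId query parameter and never consults the session.
    static List<String> homeUnchecked(long userId, String homeSelectType) {
        return "read".equals(homeSelectType)
                ? HISTORY.getOrDefault(userId, List.of())
                : List.of();
    }

    // Corrected shape: an owner-only tab is served only when the authenticated
    // session user (empty for anonymous visitors) is the requested userId.
    static Optional<List<String>> homeChecked(Optional<Long> sessionUserId,
                                              long userId, String homeSelectType) {
        boolean isOwner = sessionUserId.filter(id -> id == userId).isPresent();
        if (OWNER_ONLY_TABS.contains(homeSelectType) && !isOwner) {
            return Optional.empty(); // caller maps this to 403 or an empty tab
        }
        return Optional.of(homeUnchecked(userId, homeSelectType));
    }

    public static void main(String[] args) {
        // Each call models /user/home?userId=1&homeSelectType=read from a different session.
        System.out.println("unchecked:  " + homeUnchecked(1L, "read"));
        System.out.println("other user: " + homeChecked(Optional.of(2L), 1L, "read"));
        System.out.println("anonymous:  " + homeChecked(Optional.empty(), 1L, "read"));
        System.out.println("owner:      " + homeChecked(Optional.of(1L), 1L, "read"));
    }
}
```

The identity used in the comparison must come from the server-side session, never from a request parameter, and the same check belongs on any other route that can return the history.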

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 6.6
remediation: 0.0
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.